From c73ad40b7ff34490b9863e382d5b75ae133f5c35 Mon Sep 17 00:00:00 2001
From: RGBCube <git@rgbcu.be>
Date: Mon, 15 Jan 2024 14:51:40 +0300
Subject: [PATCH] Add endlessh-go

---
 hosts/cube/mail.nix     |  2 +-
 modules/endlessh-go.nix | 32 ++++++++++++++++++++++++++++++++
 modules/endlessh.nix    |  8 --------
 3 files changed, 33 insertions(+), 9 deletions(-)
 create mode 100644 modules/endlessh-go.nix
 delete mode 100644 modules/endlessh.nix

diff --git a/hosts/cube/mail.nix b/hosts/cube/mail.nix
index fa96e2b..7ceba32 100644
--- a/hosts/cube/mail.nix
+++ b/hosts/cube/mail.nix
@@ -10,7 +10,7 @@ in serverSystemConfiguration {
   };
 
   services.prometheus.scrapeConfigs = [{
-    job_name = "mail";
+    job_name = "postfix";
 
     static_configs = [{
       labels.job = "postfix";
diff --git a/modules/endlessh-go.nix b/modules/endlessh-go.nix
new file mode 100644
index 0000000..6c2eddc
--- /dev/null
+++ b/modules/endlessh-go.nix
@@ -0,0 +1,32 @@
+{ config, ulib, pkgs, ... }: with ulib;
+
+serverSystemConfiguration {
+  services.prometheus.scrapeConfigs = [{
+    job_name = "endlessh-go";
+
+    static_configs = [{
+      labels.job = "endlessh-go";
+      targets    = [
+        "[::]:${toString config.services.endlessh-go.prometheus.port}"
+      ];
+    }];
+  }];
+
+  nixpkgs.config.allowUnfree = true; # For pkgs.clash-geoip.
+
+  services.endlessh-go = enabled {
+    openFirewall = true;
+    port         = 22;
+
+    extraOptions = [
+      "-alsologtostderr"
+      "-geoip_supplier max-mind-db"
+      "-max_mind_db ${pkgs.clash-geoip}/etc/clash/Country.mmdb"
+    ];
+
+    prometheus = enabled {
+      listenAddress = "[::]";
+      port          = 9050;
+    };
+  };
+}
diff --git a/modules/endlessh.nix b/modules/endlessh.nix
deleted file mode 100644
index b9e25ea..0000000
--- a/modules/endlessh.nix
+++ /dev/null
@@ -1,8 +0,0 @@
-{ ulib, ... }: with ulib;
-
-serverSystemConfiguration {
-  services.endlessh = enabled {
-    openFirewall = true;
-    port         = 22;
-  };
-}